Security is an evolutionary process. But a few common factors will always undermine it.
- Convenience: If security is not easy and convenient, people will tend to choose the more convenient option. This is why in 2016 123456 was still number 1 on the worst passwords list. Convenience will trump security.
- Default configurations: The reality is that most people will stick to the default setting, even if a more secure option (that requires customization) is available. See European organ donors rates for an example of the power of the default effect.
- The Human Element: Be it that someone shoulder surfing to snoop on a passcode, tricking someone into disclosing a password, or using someone’s fingerprint while they sleep to unlock a phone – technology can always be subverted by attacking the human element.
Enter Frictionless Technology
Frictionless tech can be defined as technology experiences that remove time consuming processes. Liberating us to use the technology, without thinking about it.
This is what made Uber successful – not necessarily coming up with new tech, but stitching together existing technologies and making the experience seamless, particularly when it came to payment. I don’t have to think about it. I don’t want to think about it. I simply want to trust that it just works.
I’ve been playing with the iPhone X for a week now, and I can say that the new Face ID feature is an evolution in frictionless security. The concept is not new, but the implementation of the technology in the iPhone X is so seamless that it just works, with no effort on my part. And that is HUGE.
I hold a lot of personal information on my phone (as do most of us), and now that information is tied to me in previously impossible ways. Unlocked by me looking at my phone. The lock screen default configuration is more secure than other phones (nosy people can no longer read messages from my lock screen, yet I can), and the user experience of unlocking apps by just looking at my phone is much easier than any other option out there. Face ID just made the default option easier to use and more secure.
No doubt others realize the improvement in mobile security that Face ID provides. In the next couple of years I only expect to see more and more manufacturers heading in this direction, and more apps integrating with Face ID or similar technologies. It won’t solve all of our problems, and there are limitations, but it raises the bar, and we all win when that happens.
Maybe one day the password 123456 will no longer be on the top 10 list.